| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87zfaqxymu.wl-maz@kernel.org>
Date: Fri, 19 Sep 2025 16:14:49 +0100
From: Marc Zyngier <maz@...nel.org>
To: Mark Brown <broonie@...nel.org>
Cc: Oliver Upton <oliver.upton@...ux.dev>,
Joey Gouly <joey.gouly@....com>,
Catalin Marinas <catalin.marinas@....com>,
Suzuki K Poulose <suzuki.poulose@....com>,
Will Deacon <will@...nel.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Jonathan Corbet <corbet@....net>,
Shuah Khan <shuah@...nel.org>,
Dave Martin <Dave.Martin@....com>,
Fuad Tabba <tabba@...gle.com>,
Mark Rutland <mark.rutland@....com>,
linux-arm-kernel@...ts.infradead.org,
kvmarm@...ts.linux.dev,
linux-kernel@...r.kernel.org,
kvm@...r.kernel.org,
linux-doc@...r.kernel.org,
linux-kselftest@...r.kernel.org,
Peter Maydell <peter.maydell@...aro.org>,
Eric Auger <eric.auger@...hat.com>
Subject: Re: [PATCH v8 06/29] KVM: arm64: Introduce non-UNDEF FGT control
On Tue, 02 Sep 2025 12:36:09 +0100,
Mark Brown <broonie@...nel.org> wrote:
>
> We have support for determining a set of fine grained traps to enable for
> the guest which is tied to the support for injecting UNDEFs for undefined
> features. This means that we can't use the mechanism for system registers
> which should be present but need emulation, such as SMPRI_EL1 which should
> be accessible when SME is present but if SME priority support is absent
> SMPRI_EL1.Priority should be RAZ.
>
> Add an additional set of fine grained traps fgt, mirroring the existing fgu
> array. We use the same format where we always set the bit for the trap in
> the array as for FGU. This makes it clear what is being explicitly managed
> and keeps the code consistent.
>
> We do not convert the handling of ARM_WORKAROUND_AMPERE_ACO3_CPU_38 to this
> mechanism since this only enables a write trap and when implementing the
> existing UNDEF that we would share the read and write trap enablement (this
> being the overwhelmingly common case).
>
> Signed-off-by: Mark Brown <broonie@...nel.org>
> ---
> arch/arm64/include/asm/kvm_host.h | 6 ++++++
> arch/arm64/kvm/hyp/include/hyp/switch.h | 7 ++++---
> 2 files changed, 10 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> index 2f2394cce24e..b501c2880ba2 100644
> --- a/arch/arm64/include/asm/kvm_host.h
> +++ b/arch/arm64/include/asm/kvm_host.h
> @@ -302,6 +302,12 @@ struct kvm_arch {
> */
> u64 fgu[__NR_FGT_GROUP_IDS__];
>
> + /*
> + * Additional FGTs to enable for the guests, eg. for emulated
> + * registers,
> + */
> + u64 fgt[__NR_FGT_GROUP_IDS__];
> +
Conceptually, this serves the same role as the existing control
registers (HCR_EL2, HCRX_EL2, MDCR_EL2), which are obviously
per-vcpu. So having this on a per-VM basis doesn't really work,
because we definitely don't expect this to be uniform (see
20250917203125.283116-3-oliver.upton@...ux.dev for an example of why
this is not the case).
FGUs are uniform, because when something doesn't exist on a vcpu, it
doesn't exist on *any* vcpu. Non-FGU use of FGTs, however, has to be
more flexible because that's part of the emulation, and is actually
pretty rare that we want to trap something at all times, on all vcpus.
For the same reason, conflating the R and W registers doesn't work
either. For the above example, I want to be able to trap write
accesses to MDSCR_EL1, and not reads, just like the Ampere
brain-damage.
So please make this per-vcpu, decouple R and W FGTs, and convert the
Ampere horror to this scheme.
Thanks,
M.
--
Jazz isn't dead. It just smells funny.
Powered by blists - more mailing lists